What is claimed is: 

CLAIMS 

1 1 . A method of providing cryptographic parameters for use in cryptographic 

2 applications in response to requests therefor, comprising the steps of: 

3 pre-computing one or more different types of sets of cryptographic parameters, 

4 each said type of set being adapted for use by an associated type of cryptographic 

5 application; 

6 securely storing said pre-computed sets of cryptographic parameters in a memory 

7 storage unit; 

8 receiving a request for a set of cryptographic parameters having specified 

9 characteristics for use in a particular cryptographic application; 

?a -10 determining one of said sets of cryptographic parameters stored in said memory 

h31 1 storage unit that has specified characteristics; 

yJ2 accessing said determined set of cryptographic parameters from said memory 

Jffl 3 storage unit; and 

SE4 providing said determined set of cryptographic parameters with minimal latency. 

H; 1 2. A method as recited in claim 1 wherein: 

fy 2 said step of pre-computing includes pre-computing one or more different types of 

— 3 sets of cryptographic parameters, each said set of an associated type including an 

^ 4 associated number k of randomly generated distinct prime number values that are suitable 

5 for use in an associated type of cryptographic application, wherein k > 1 ; and 

6 said step of receiving includes receiving a request specifying characteristics 

7 including a specified number of requested prime number values. 

13. A method as recited in claim 1 wherein: 

2 said step of pre-computing includes pre-computing one or more different types of 

3 sets of cryptographic parameters, each said set of an associated type including an 

4 associated number k of randomly generated distinct prime number values that are suitable 

5 for use in an associated type of cryptographic application, wherein k > 1 , and wherein 

6 each of said prime number values has an associated length; and 
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said step of receiving includes receiving a request specifying characteristics 
including a specified number of requested prime number values and an associated 
specified length of each of said requested prime number values. 



14. A method as recited in claim 1 wherein: 

2 said step of pre-computing one or more different types of sets of cryptographic 

3 parameters, each said set of an associated type including an associated modulus n having 

4 an associated length L, each said modulus n being a composite number generated from 

5 the product of an associated number k of randomly generated distinct prime number 

6 values pi, p 2 > . . . pk, wherein k > 2; and 

7 said step of receiving includes receiving a request specifying characteristics 

8 including a specified length of a requested modulus and a specified number of prime 

9 number values constituting prime factors of said requested modulus. 

15, A method as recited in claim 4 wherein: 

2 said step of pre-computing includes pre-computing one or more different types of 

3 sets of cryptographic parameters, each said set of an associated type further including an 

4 associated public key exponent value e; and 

5 said step of receiving includes receiving a request specifying characteristics 

6 further including a specified public key exponent value. 

1 6. A method as recited in claim 5 wherein said step of pre-computing includes pre- 

2 computing one or more different types of sets of cryptographic parameters, each said set 

3 of an associated type further including an associated private exponent value d determined 

4 based on said associated prime number values pi, p 2 , . . . pk and said associated public key 

5 exponent value e. 

1 7. A method as recited in claim 6 wherein said step of pre-computing includes pre- 

2 computing a plurality of different one or more types of sets of cryptographic parameters, 

3 each said set of an associated type further including a set of sub-task private exponents 
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4 di, d2, ... dk pre-computed based on the associated prime number values pi, p2, . - Pk and 

5 also based on the associated private exponent value d 

18. A method as recited in claim 4 wherein said step of pre-computing includes pre- 

2 computing one or more different types of sets of cryptographic parameters, each said set 

3 of an associated type further including at least one set of Chinese Remainder Algorithm 

4 coefficients pre-computed based on said k associated prime number values prime number 

5 values pi,p2, ... pk; and 

6 said step of receiving includes receiving a request specifying characteristics 

7 further including a specified type of Chinese Remainder Algorithm, 

1 9. A method as recited in claim 8 wherein said at least one set of set of Chinese 

¥ 2 Remainder Algorithm coefficients includes a first set of coefficients that may be used in a 

M 3 summation type of Chinese Remainder Algorithm, and a second set of coefficients that 

f n 4 may be used in an iterative type of Chinese Remainder Algorithm, 

=51 10. A method as recited in claim 1 wherein each said set of parameters includes an 

f 3 2 associated number k of randomly generated prime numbers, wherein k > 1 , and wherein 

3 said step of pre-computing is performed by a processing unit and a plurality of 

m 4 exponentiation units communicatively coupled with the processing unit, said step of pre- 

il 5 computing including: 

6 randomly generating a plurality of k random odd numbers each being a prime 

7 number candidate; and 

8 performing at least one probabilistic primality test on each of said candidates, 

9 each of said primality tests including an associated exponentiation operation executed by 

10 an associated one of the exponentiation units, said exponentiation operations being 

1 1 performed by said associated exponentiation units in parallel. 

1 11. A method as recited in claim 1 wherein each said set of parameters includes an 

2 associated number k of randomly generated prime numbers, wherein k > 1 , and wherein 

3 said step of pre-computing is performed by a processing unit and a plurality of 
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4 exponentiation units communicatively coupled with the processing unit, said step of pre- 

5 computing including: 

6 randomly generating at least one random odd number providing a prime number 

7 candidate; 

8 determining a plurality of y additional odd numbers based on said at least one randomly 

9 generated odd number to provide y additional prime number candidates, thereby providing a total 

10 number of y+1 candidates; and 

1 1 performing at least one probabilistic primality test on each of said y+1 candidates, each 

12 of the y+1 primality tests including an associated exponentiation operation executed by an 

13 associated one of y+1 of the exponentiation units, said y+1 exponentiation operations being 

14 performed by said associated y+1 exponentiation units in parallel. 

~;i 1 12. A method as recited in claim 1 1 wherein each said randomly generated odd 

08 2 number provides a random seed, and wherein said step of pre-computing further includes 

m 3 the step of determining only one prime number value based on each said random seed so 

:i 4 that successive prime numbers are not determined by multiple performances of said step 

*p 5 of pre-computing. 

j^f 1 13. A method as recited in claim 1 wherein said step of securely storing said pre- 

ffl 2 computed cryptographic parameters in a memory storage unit further includes storing at 

rf 3 least a portion of said cryptographic parameters in a first memory unit that is protected 

4 within a logical and physical security boundary. 

1 14. A method as recited in claim 13 wherein said step of securely storing said 

2 cryptographic parameters in a memory storage unit further includes: 

3 encrypting at least one of said cryptographic parameters using a cryptographic 

4 key; 

5 storing said cryptographic key in said first memory unit located within said 

6 security boundary; and 

7 storing said encrypted cryptographic parameters in a second memory unit located 

8 outside of said security boundary. 
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1 15. A method as recited in claim 14 wherein said step of accessing includes: 

2 accessing said encrypted cryptographic parameters from said second memory 

3 unit; 

4 accessing said cryptographic key from said first memory unit; and 

5 decrypting said accessed cryptographic parameters using said accessed cryptographic 

6 key. 

1 16. A method of providing cryptographic parameters for use in cryptographic 

2 applications in response to requests therefor, comprising the steps of: 

3 pre-computing one or more different types of sets of cryptographic parameters, 

4 each said type of set being adapted for use by an associated type of cryptographic 

5 application using an associated public key exponent value e, each said set of an 

6 associated type including, 

7 an associated modulus n having an associated length L and being a 

8 composite number generated from the product of an associated number k of 

9 randomly generated distinct and suitable prime number values pi , p 2 , . . . pic, 

10 wherein k> 1, 

1 1 an associated public key exponent value e, 

12 an associated private key exponent value d determined based on the 

1 3 associated prime number values pi , p 2 , . . . Pk and the associated public key 

1 4 exponent value e, 

15 a set of sub-task private exponents di , d 2 , . . . dk that are pre-computed 

16 based on the associated prime number values pi , p 2 , . . . pk and the associated 

1 7 private key exponent value d, and 

1 8 at least one set of Chinese Remainder Algorithm coefficients pre- 

19 computed based on said associated prime number values pi, p 2 , ... pk; 

20 securely storing said different types of sets of cryptographic parameters in a 

21 memory storage unit; 
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22 receiving a request for a specified type of set of cryptographic parameters having 

23 specified characteristics for use in a particular cryptographic application, said specified 

24 characteristics including, 

25 a specified length L of a requested modulus N that is to be a composite 

26 number generated as a product of an associated specified number of prime 

27 number values, 

28 a specified public key exponent value e, and 

29 a specified type of Chinese Remainder Algorithm being used by the 

30 particular cryptographic application; 

3 1 determining one of said sets of cryptographic parameters stored in said memory 

32 storage unit that has said specified characteristics; 

33 accessing said determined set of cryptographic parameters from said memory 

34 storage unit; and 

35 providing said determined set of cryptographic parameters with minimal latency. 

1 17. A method for providing prime number values with minimal latency in response to 

2 requests therefor, comprising the steps of: 

3 pre-computing a plurality of random distinct prime number values that are 

4 suitable for use in a cryptographic security application; 

5 securely storing said pre-computed prime number values in a memory storage 

6 unit; 

7 receiving a request for at least one prime number value to be used in a particular 

8 cryptographic application; 

9 accessing at least one of said securely stored prime number values from said 

10 memory storage unit; and 

1 1 providing said at least one accessed prime number value with minimal latency in 

12 response to said request. 

1 18. A method as recited in claim 1 7 wherein: 

2 said step of pre-computing includes pre-computing a plurality of random distinct 

3 prime number values having different associated lengths; 
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5 



said step of receiving a request further includes receiving information indicating 
an associated specified length for at least one of said prime number values; and 



6 



said step of accessing includes, 



7 



determining at least one of said securely stored prime number values that 
has said associated specified length, and 



8 



10 



9 



accessing said at least one determined prime number value from said 
memory storage unit. 



1 19. A method as recited in claim 17 wherein said step of receiving a request further 

2 includes receiving information indicating a specified number of requested prime number 

3 values. 
1 

^ 2 20. A system for providing cryptographic parameters for use in cryptographic 

m 3 applications in response to requests therefor, comprising: 

~ 4 means for pre-computing one or more different types of sets of cryptographic 

O 5 parameters, each said type of set being adapted for use by an associated type of 

jz 6 cryptographic application; 

L ; 7 memory storage means for securely storing said pre-computed sets of 

W 8 cryptographic parameters; 

m 9 means for receiving a request for a set of cryptographic parameters having 

H O specified characteristics for use in a particular cryptographic application; 

1 1 means for determining one of said sets of cryptographic parameters stored in said 

12 memory storage unit that has specified characteristics; 

13 means for accessing said determined set of cryptographic parameters from said 

14 memory storage unit; and 

1 5 means for providing said determined set of cryptographic parameters with 

16 minimal latency. 

1 21. A system as recited in claim 20 wherein: 

2 said means for pre-computing is operative to pre-computing one or more different 

3 types of sets of cryptographic parameters, each said set of an associated type including an 
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4 associated number k of randomly generated distinct prime number values that are suitable 

5 for use in an associated type of cryptographic application, wherein k > 1 ; and 

6 said means for receiving is responsive to a request specifying characteristics 

7 including a specified number of requested prime number values. 

1 22, A system as recited in claim 20 wherein: 

2 said means for pre-computing is operative to pre-computing one or more different 

3 types of sets of cryptographic parameters, each said set of an associated type including an 

4 associated number k of randomly generated distinct prime number values that are suitable 

5 for use in an associated type of cryptographic application, wherein k > 1, and wherein 

6 each of said prime number value has an associated length; and 

7 said means for receiving is responsive to a request specifying characteristics 

8 including a specified number of requested prime number values and an associated 

9 specified length of each of said requested prime number values. 

1 23. A system as recited in claim 20 wherein: 

2 said means for pre-computing is operative to pre-computing one or more different 

3 types of sets of cryptographic parameters, each said set of an associated type including an 

4 associated modulus n having an associated length L, each said modulus n being a 

5 composite number generated from the product of an associated number k of randomly 

6 generated distinct prime number values pi, P2, ... pk> wherein k > 2; and 

7 said means for receiving is responsive to a request specifying characteristics 

8 including a specified length of a requested modulus and a specified number of prime 

9 number values constituting prime factors of said requested modulus. 

1 24. A system as recited in claim 23 wherein said means for pre-computing is 

2 operative to pre-computing one or more different types of sets of cryptographic 

3 parameters, each said set of an associated type further including an associated public key 

4 exponent value e; and 

5 said means for receiving is responsive to a request specifying characteristics 

6 further including a specified public key exponent value. 
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1 25. A system as recited in claim 24 wherein said means for pre-computing is 

2 operative to pre-computing one or more different types of sets of cryptographic 

3 parameters, each said set of an associated type further including an associated private 

4 exponent value d determined based on said associated prime number values pi, p 2 , . . . pk 

5 and said associated public key exponent value e. 

1 26. A system as recited in claim 25 wherein said means for pre-computing is 

2 operative to pre-computing one or more different types of sets of cryptographic 

3 parameters, each said set of an associated type further including a set of sub-task private 

4 exponents dj, d 2 , ... dk pre-computed based on the associated prime number values pi, p 2 , 

5 . . . p k and also based on said associated private exponent value d. 

1 27. A system as recited in claim 23 wherein: 

2 said means for pre-computing is operative to pre-computing one or more different 

3 types of sets of cryptographic parameters, each said set of an associated type further 

4 including at least one set of Chinese Remainder Algorithm coefficients pre-computed 

5 based on said associated prime number values pi, p 2 , ... Pk; and 

6 said means for receiving is responsive to a request specifying characteristics 

7 further including a specified type of Chinese Remainder Algorithm. 

1 28. A system as recited in claim 27 wherein said at least one set of set of Chinese 

2 Remainder Algorithm coefficients includes a first set of coefficients that may be used in a 

3 summation type of Chinese Remainder Algorithm, and a second set of coefficients that 

4 may be used in an iterative type of Chinese Remainder Algorithm 

1 29. A system as recited in claim 22 wherein said means for pre-computing includes a 

2 prime number generation unit for randomly generating said prime numbers. 



109669.03 



-41- 



20206-15 

SV/ 109669.05 
03202001/11:05/20206.15 



1 30. A system as recited in claim 29 wherein said prime number generation unit 

2 provides for searching in parallel for a plurality of prime number values simultaneously, 

3 said prime number generation unit including: 

4 processing means operative to randomly generate a random odd number providing 

5 a prime number candidate, and to provide a set of test parameters associated with a 

6 probabilistic primality test to be performed on each said randomly generated number, 

7 each said set of said test parameters including said associated randomly generated 

8 number; and 

9 at least one exponentiation unit being communicatively coupled with said 

10 processing means, and being responsive to said set of test parameters, and operative to 

1 1 perform an exponentiation operation based on said set of test parameters and an 

12 associated base value, and also operative to generate a primality test result signal 

13 declaring said prime number candidate to be either composite or prime with reference to 

14 said associated base value; 

15 said processing means being responsive to said primality test result signal, and 

16 operative to process said test result signal for the purpose of eliminating randomly 

17 generated numbers declared to be composite in accordance with a search for prime 

18 number values. 

1 31. A system as recited in claim 29 wherein said prime number generation unit 

2 provides for searching in parallel for a plurality of prime number values simultaneously, 

3 said prime number generation unit including: 

4 processing means operative to randomly generate a plurality of k random odd 

5 numbers each providing a prime number candidate, and to provide at least one set of test 

6 parameters associated with a probabilistic primality test to be performed on each one of 

7 said plurality of k randomly generated numbers, each said set of said test parameters 

8 including said associated randomly generated number and an associated base value; and 

9 a plurality of exponentiation units each being communicatively coupled with said 

10 processing means, and being responsive to an associated one of said sets of test 

1 1 parameters, and operative to perform an exponentiation operation based on said 

1 2 associated set of test parameters, and also operative to generate a primality test result 
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13 signal declaring said associated prime number candidate to be either composite or prime 

14 with reference to said associated base value, said exponentiation units being operative to 

1 5 perform said exponentiation operations in parallel; 

16 said processing means being responsive to said primality test result signals, and 

17 operative to process said test result signals for the purpose of eliminating randomly 

1 8 generated numbers declared to be composite in accordance with a search for prime 

19 number values. 

1 32. A system as recited in claim 29 wherein said prime number generation unit 

2 provides for searching in parallel for a plurality of prime number values simultaneously, 

3 said prime number generation unit including: 

4 processing means operative to randomly generate at least one random odd number 
fS 5 providing a prime number candidate, and to determine a plurality of y additional odd 

P 6 numbers based on each of said at least one randomly generated odd number to provide y 

CO 7 additional prime number candidates, thereby providing a total number of y+1 candidates, 

H 8 said processing means also being operative to provide at least one set of test parameters 

B P 9 associated with a probabilistic primality test to be performed on each one of said prime 

qIO number candidates, each said set of test parameters including said associated prime 

Si 1 number candidate and an associated base value; and 

CP 12 a plurality of exponentiation units each being communicatively coupled with said 

u 13 processing means, and being responsive to an associated one of said sets of test 

14 parameters, and operative to perform an exponentiation operation based on said 

15 associated set of test parameters, and also operative to generate a primality test result 

16 signal declaring said associated prime number candidate to be either composite or prime 

17 with reference to said associated base value, said exponentiation units being operative to 

1 8 perform said exponentiation operations in parallel; 

1 9 said processing means being responsive to said primality test result signals, and 

20 operative to process said test result signals for the purpose of eliminating randomly 

21 generated numbers declared to be composite in accordance with a search for prime 

22 number values. 
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1 33. A system as recited in claim 32 wherein each said randomly generated odd 

2 number provides a random seed, and wherein said processing means is further operative 

3 to determine only one prime number value for each said random seed so that said prime 

4 number generation unit does not generate successive primes, 

1 34. A system as recited in claim 29 wherein said prime number generation unit is 

2 configured to be protected within a logical and physical security boundary. 

1 35. A system as recited in claim 34 wherein said storage means includes a first 

2 memory unit located within said security boundary of said prime number generation unit. 

1 36. A system as recited in claim 35 wherein: 

2 said storage means further includes a second memory unit located outside of said 

3 security boundary; and 

4 said prime number generation unit includes means for encrypting a pre-computed 

5 prime number using a cryptographic key, storing said cryptographic key in said first 

6 memory unit located within said security boundary, and storing the encrypted prime 

7 number in said second memory unit located outside of said security boundary. 

1 37. A system as recited in claim 36 wherein said second memory unit is a database. 

1 38. A server system operative to pre-compute prime numbers and securely store the 

2 pre-computed prime numbers for later use, comprising: 

3 a server computing system communicatively coupled with a plurality of remote 

4 clients via a network, and being responsive to requests for randomly generated prime 

5 numbers each being associated with ones of said remote clients; 

6 a prime number generation unit communicatively coupled with said server 

7 computing system and providing for pre-computing a plurality of randomly generated 

8 prime numbers, said prime number generation unit being configured to be protected 

9 within a logical and physical security boundary; and 
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10 a secure memory unit protected within said security boundary and being 

1 1 communicatively coupled with said server computing system and said prime number 

12 generation unit, said secure memory unit providing for storage of said pre-computed 

13 prime numbers; 

14 said server computing system being operative to access said prime numbers stored 

15 in said secure memory unit, and to provide said prime numbers with minimal latency in 

16 response to said requests for randomly generated prime numbers. 

1 39. A server system as recited in claims 38 further comprising: 

2 an unsecure memory unit located outside of said security boundary and being 

3 communicatively coupled with said server computing system and said prime number 

4 generation unit, said unsecure memory unit also providing for storage of pre-computed 

5 prime numbers; and 

Co 6 means for encrypting a pre-computed prime number using a cryptographic key, 

? I 7 for storing said cryptographic key in said secure memory unit protected within said 

Q 8 security boundary, and for storing the encrypted prime number in said unsecure memory 

JJ 9 unit located outside of said security boundary; 

^10 said server computing system being further operative to access said encrypted 

Wl 1 prime number stored in said unsecure memory unit, to access said cryptographic key 

rfrl2 from said secure memory unit, to decrypt said accessed prime number using said 

'rf 1 3 cryptographic key, and to provide said decrypted prime number with minimal latency in 

14 response to one of said requests for a randomly generated prime number. 

1 40. A server system for processing cryptographic transactions and for providing 

2 prime number values in response to user requests therefor, comprising: 

3 a server computing system operative communicatively coupled with a plurality of 

4 remote clients via a network, and including a queuing means for storing a plurality of 

5 queued job requests including cryptographic transaction job requests, and prime number 

6 requests having associated length parameters specifying a length for a randomly 

7 generated prime number, said server computing system being operative to determine a 
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8 number of prime number requests and a number of transaction job requests currently 

9 stored in said queuing means; 

10 a cryptographic processing unit communicatively coupled with said server 

1 1 computing system, and being operative to search for randomly generated prime numbers 

12 and to process cryptographic transactions in response to requests therefor; 

13 at least one exponentiation unit communicatively coupled with said cryptographic 

14 processing unit and providing exponentiation resources for use in searching for randomly 

15 generated prime numbers and in processing cryptographic transactions; and 

16 a storage means communicatively coupled with said cryptographic unit for storing 

1 7 said randomly generated prime numbers; 

1 8 said cryptographic unit also being operative to perform the steps of, 

1 9 determining a number of pre-computed prime numbers currently stored in 

20 the local secure memory unit; 

21 based on the number of prime number requests and cryptographic 

22 transaction job requests currently stored in the queuing unit, and the number of 

23 cryptographic key values currently stored in the storage unit, dynamically 

24 allocating a first portion of said exponentiation resources for prime number 

25 searching, and a second portion of the total exponentiation resources for 

26 processing cryptographic transactions, 

27 performing prime number searching functions in response to said prime 

28 number requests and associated length parameters, said number searching 

29 functions including randomly generating at least one random odd number having 

30 the specified length, and performing at least one probabilistic primality test on 

3 1 said random number, each of said primality tests including an associated 

32 exponentiation operation executed using said first dynamically allocated portion 

33 of the said exponentiation resources, and 

34 performing cryptographic transaction processing functions in response to 

35 said cryptographic transaction job requests using said second dynamically 

36 allocated portion of said exponentiation resources. 
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1 41. A server system as recited in claim 40 wherein said cryptographic unit is 

2 operative to perform said step of determining said first and second dynamically allocated 

3 portions of said exponentiation resources by performing the further steps of: 

4 determining whether said number of stored prime number values is less than a 

5 predetermined number; and 

6 if the number of stored prime numbers is less than a predetermined number, 

7 dynamically increasing said first portion of said exponentiation resources allocated for 

8 prime number generating. 

1 42. In a server system for processing cryptographic transactions and for providing 



2 randomly generated prime numbers in response to requests therefor, the server system 

3 including a computing system operative to communicate with a plurality of remote clients 

4 via a network, a memory storage unit for storing said randomly generated prime numbers, 
CP 5 a queuing unit for storing a plurality of queued job requests including cryptographic 

go 6 transaction job requests, and prime number requests having associated length parameters 

M| 7 specifying a length for a randomly generated prime number to be provided, and at least 



=p 8 one exponentiation unit communicatively coupled with said cryptographic unit and 

q 9 providing exponentiation resources for use in searching for randomly generated prime 

10 numbers and in processing cryptographic transactions, a process of dynamically 

ml 1 allocating portions of said exponentiation resources for processing cryptographic 

rT12 transactions and for searching for randomly generated prime numbers, comprising the 

13 steps of: 

14 determining a number of prime number requests and a number of cryptographic 

15 transaction job requests currently stored in the queuing unit; 

1 6 determining a number of pre-computed prime numbers currently stored in the 

17 memory unit; and 

1 8 based on said number of prime number requests and said number of cryptographic 



19 transaction job requests currently stored in the queuing unit, and said number of prime 

20 numbers currently stored in the memory unit, determining portions of said exponentiation 

21 resources to be dynamically allocated for prime number searching, and for processing 

22 cryptographic transactions . 
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43. In a server system for processing cryptographic transactions and for providing 
randomly generated prime numbers in response to requests therefor, the server system 
including a computing system operative to communicate with a plurality of remote clients 
via a network, a memory storage unit for storing said randomly generated prime numbers, 
a queuing unit for storing a plurality of queued job requests including cryptographic 
transaction job requests, and prime number requests having associated length parameters 
specifying a length for a randomly generated prime number to be provided, and at least 
one exponentiation unit communicatively coupled with said cryptographic unit and 
providing exponentiation resources for use in searching for randomly generated prime 
numbers and in processing cryptographic transactions, a software system for dynamically 
allocating portions of said exponentiation resources for processing cryptographic 
transactions and for searching for randomly generated prime numbers, comprising: 

a first module for determining a number of prime number requests and a number 
of cryptographic transaction job requests currently stored in the queuing unit; 

a second module operative to determine a number of pre-computed prime 
numbers currently stored in the memory unit; 

a third module operative to determine a portion of said exponentiation resources 
to be dynamically allocated for prime number searching, and a portion of said 
exponentiation resources to be dynamically allocated for processing cryptographic 
transactions based on said number of prime number requests and said number of 
cryptographic transaction job requests currently stored in the queuing unit, and based on 
said number of prime numbers currently stored in the memory unit; 

a fourth module operative to perform prime number searching functions in 
response to said prime number requests and associated length parameters, said number 
searching functions including randomly generating at least one random odd number 
having the specified length, and performing at least one probabilistic primality test on 
said random number, each of said primality tests including an associated exponentiation 
operation executed using said first dynamically allocated portion of the said 
exponentiation resources; and 
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30 a fifth module operative to perform cryptographic transaction processing 

31 functions in response to said cryptographic transaction job requests using said second 

32 dynamically allocated portion of said exponentiation resources. 
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